Design and development of a hybrid metamorphic portable executable malware detection system
This research paper proposes to design and develop a hybrid Metamorphic Malware Analysis of Portable Executable (PE) malware. PE files are regular executables, object code, and Dynamic Link Library (DLL) files commonly used in 32-bit and 64-bit versions of Windows operating systems. Problems, whe...
Main Author: | |
---|---|
Format: | text |
Language: | English |
Published: | Animo Repository 2022 |
Subjects: | |
Online Access: | https://animorepository.dlsu.edu.ph/etdm_ece/29 https://animorepository.dlsu.edu.ph/context/etdm_ece/article/1027/viewcontent/DESIGN2_AND_DEVELOPMENT_OF_A_HYBRID_METAMORPHIC_PORTABLE_EXECUTABL.pdf |
Institution: | De La Salle University |
id |
oai:animorepository.dlsu.edu.ph:etdm_ece-1027 |
---|---|
record_format |
eprints |
spelling |
oai:animorepository.dlsu.edu.ph:etdm_ece-1027 2023-10-02T00:05:08Z Design and development of a hybrid metamorphic portable executable malware detection system Diaz, Julianne Alyson I. 2022-11-29T08:00:00Z text application/pdf https://animorepository.dlsu.edu.ph/etdm_ece/29 https://animorepository.dlsu.edu.ph/context/etdm_ece/article/1027/viewcontent/DESIGN2_AND_DEVELOPMENT_OF_A_HYBRID_METAMORPHIC_PORTABLE_EXECUTABL.pdf Electronics And Communications Engineering Master's Theses English Animo Repository Malware (Computer software) Electrical and Computer Engineering |
institution |
De La Salle University |
building |
De La Salle University Library |
continent |
Asia |
country |
Philippines |
content_provider |
De La Salle University Library |
collection |
DLSU Institutional Repository |
language |
English |
topic |
Malware (Computer software) Electrical and Computer Engineering |
description |
This research paper proposes to design and develop a hybrid Metamorphic Malware Analysis of Portable Executable (PE) malware. PE files are regular executables, object code, and Dynamic Link Library (DLL) files commonly used in 32-bit and 64-bit versions of Windows operating systems. The problem with undetected PE malware is its ability to install rootkits, worms, trojans, etc. Popular approaches in the literature suggest the use of signature-based detection. Although most studies produce high accuracy, the increasing popularity of metamorphic malware poses a challenge to signature-based detection, as metamorphic malware can rewrite its code to appear benign. Hence, behavior-based detection is more useful in analyzing these types of malware. The downside of this technique is the time it takes to analyze the malware. Hence, this research proposes to design and develop a hybrid analysis system that uses both static and dynamic analysis to improve the overall accuracy and processing time of metamorphic PE malware detection. The signature-based detection of the malware will use a random forest classifier. The dynamic analysis of the system will use sequential learning. |
format |
text |
author |
Diaz, Julianne Alyson I. |
title |
Design and development of a hybrid metamorphic portable executable malware detection system |
publisher |
Animo Repository |
publishDate |
2022 |
url |
https://animorepository.dlsu.edu.ph/etdm_ece/29 https://animorepository.dlsu.edu.ph/context/etdm_ece/article/1027/viewcontent/DESIGN2_AND_DEVELOPMENT_OF_A_HYBRID_METAMORPHIC_PORTABLE_EXECUTABL.pdf |
_version_ |
1779260464905060352 |